Hello world,

My authentication process works fine (JAAS on JBoss 3.2.2 using
org.jboss.security.auth.spi.UsersRolesLoginModule for those who are
interested). It retrieves my subject with its principals (groups of
users).

The problem is that this principal doesn't appear to be checked by
Struts when the web.xml specifies a security constraint in this way:

<security-constraint>
  <web-resource-collection>
    <web-resource-name>MyWebAppActions</web-resource-name>
    <url-pattern>/action/menuView</url-pattern>
    <http-method>HEAD</http-method>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    <http-method>PUT</http-method>
    <http-method>DELETE</http-method>
  </web-resource-collection>
  <auth-constraint>
    <role-name>BasicUser</role-name>
  </auth-constraint>
  <user-data-constraint>
    <transport-guarantee>NONE</transport-guarantee>
  </user-data-constraint>
</security-constraint>


At run time a redirect occurs because it has been coded this way in
the web.xml file:

<login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
    <form-login-page>/action/authenticationView</form-login-page>
    <form-error-page>/action/authenticationProcess</form-error-page>
  </form-login-config>
</login-config>

Dynamically, I can see that the authentication process succeeds:

1 - /action/authenticationProcess properly identifies the client,
i.e., my loginContext works well: I get my subject and my principals

2 - /action/authenticationProcess tries a forward to action/menuView

3 - this forward is rejected (HTTP/1.1" 500) because this URL is a
protected resource (my <security-constraint>) and my action doesn't care
about a previous successful authentication ..

Maybe the relevant question is how can I map the <role-name> to one of
the principals I get from my loginContext?
Maybe it is how I can keep the state of this successful authentication
for a while to check my authorizations through all the client requests?
Maybe both questions are the topic ;-)

Help,
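
An added example, not part of the original message: a Python check over a deployment descriptor built from the fragments above, flagging a <role-name> with no matching <security-role> declaration, HTTP methods left outside the constraint by the explicit <http-method> list, and FORM login without a CONFIDENTIAL transport guarantee. The function and finding names are hypothetical, and the absence of a <security-role> element is an assumption, since the post shows only fragments of web.xml.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the post's fragments wrapped in a <web-app> root
# (form-login-config omitted for brevity).
WEB_XML = """<web-app>
 <security-constraint>
  <web-resource-collection>
   <web-resource-name>MyWebAppActions</web-resource-name>
   <url-pattern>/action/menuView</url-pattern>
   <http-method>HEAD</http-method><http-method>GET</http-method>
   <http-method>POST</http-method><http-method>PUT</http-method>
   <http-method>DELETE</http-method>
  </web-resource-collection>
  <auth-constraint><role-name>BasicUser</role-name></auth-constraint>
  <user-data-constraint><transport-guarantee>NONE</transport-guarantee></user-data-constraint>
 </security-constraint>
 <login-config><auth-method>FORM</auth-method></login-config>
</web-app>"""

STANDARD_METHODS = {"GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS", "TRACE"}

def local(tag):
    """Drop an XML namespace so DTD-era and namespaced descriptors both work."""
    return tag.rsplit("}", 1)[-1]

def texts(node, name):
    """Text of every descendant element called `name`."""
    return [(e.text or "").strip() for e in node.iter() if local(e.tag) == name]

def audit_web_xml(xml_text):
    """Return (finding, url-patterns, detail) tuples for each security-constraint."""
    root = ET.fromstring(xml_text)
    declared = set()
    for el in root.iter():
        if local(el.tag) == "security-role":
            declared.update(texts(el, "role-name"))
    form_auth = "FORM" in texts(root, "auth-method")
    findings = []
    for sc in root.iter():
        if local(sc.tag) != "security-constraint":
            continue
        patterns = ",".join(texts(sc, "url-pattern"))
        methods = set(texts(sc, "http-method"))
        # Listing methods limits the constraint to them; none listed means all.
        if methods and STANDARD_METHODS - methods:
            findings.append(("METHOD_GAP", patterns, sorted(STANDARD_METHODS - methods)))
        # auth-constraint roles must match a <security-role> (or the reserved "*").
        for role in texts(sc, "role-name"):
            if role != "*" and role not in declared:
                findings.append(("UNDECLARED_ROLE", patterns, [role]))
        # With FORM login, anything short of CONFIDENTIAL leaves TLS optional.
        if form_auth and "CONFIDENTIAL" not in texts(sc, "transport-guarantee"):
            findings.append(("NO_TLS_REQUIRED", patterns, []))
    return findings
```

On the sample this reports OPTIONS and TRACE as outside the constraint, BasicUser as undeclared, and /action/menuView as not requiring TLS.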


